Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/K-BqbESSRx3Yj4firy2GiSJYedk.roa
File: K-BqbESSRx3Yj4firy2GiSJYedk.roa (raw, json)
Hash identifier: ztU8/cjCw1EzlWd4zVd+Pf6WeSXNXfqcpp3+tX5nZDE=
Subject key identifier: 2B:E0:6A:6C:44:92:47:1D:D8:8F:87:E2:AF:2D:86:89:22:58:79:D9
Certificate issuer: /CN=eebe79d147882422ec275417dfd2affa93a02757
Certificate serial: 0194228D85E0AF090B3A3C4BC23330B46BE4
Authority key identifier: EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/K-BqbESSRx3Yj4firy2GiSJYedk.roa
Signing time: Wed 01 Jan 2025 15:48:07 +0000
ROA not before: Wed 01 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200154
IP address blocks: 95.86.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:85:e0:af:09:0b:3a:3c:4b:c2:33:30:b4:6b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebe79d147882422ec275417dfd2affa93a02757
Validity
Not Before: Jan 1 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2be06a6c4492471dd88f87e2af2d8689225879d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f1:e3:a7:53:d8:7c:fd:57:a4:de:4b:48:dd:
e9:0a:33:38:f3:64:da:de:20:84:7e:85:bc:1b:39:
2a:60:01:5c:2b:4b:6f:cf:c4:03:e2:ec:6d:af:67:
19:7b:c4:45:f2:00:08:1d:e7:4c:9b:9c:81:01:19:
10:17:fd:25:73:79:26:04:c5:4a:fb:39:09:37:f1:
49:4e:0d:83:48:bf:6b:56:b8:06:5e:14:a9:b8:be:
e1:90:f6:64:4d:f5:f3:f8:e9:01:cd:b2:e7:42:f4:
11:40:21:4f:93:93:f3:61:f5:04:3b:8f:ee:a1:9a:
a6:7a:fc:b4:56:ce:1d:f1:3e:10:b0:6c:de:fc:00:
bf:c4:33:5d:17:04:8d:13:ce:49:ce:d4:61:7d:ea:
a1:b4:8d:42:f9:eb:d1:f7:05:33:49:05:b8:60:51:
91:41:19:bb:b6:c7:b4:82:6a:9c:b7:e3:bc:56:77:
a7:f8:7c:b4:d0:a0:2f:af:f3:8b:15:06:de:c2:bc:
d9:22:f0:4a:aa:90:9d:69:09:d6:a1:81:af:26:4a:
b9:5f:cd:fc:bb:2d:dc:5a:4b:5a:91:b8:9a:7b:a0:
6a:e3:02:b6:dc:e2:05:f9:e1:1b:8a:ea:e0:66:de:
39:5d:51:a5:3d:02:f7:3b:75:0a:2b:bb:4d:ef:e6:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E0:6A:6C:44:92:47:1D:D8:8F:87:E2:AF:2D:86:89:22:58:79:D9
X509v3 Authority Key Identifier:
keyid:EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/K-BqbESSRx3Yj4firy2GiSJYedk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/7r550UeIJCLsJ1QX39Kv-pOgJ1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.86.136.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6f:cc:86:e5:80:90:d3:da:33:f0:68:25:24:e2:45:d5:d3:
e3:fd:14:36:d8:c7:e3:cc:f8:4e:e1:28:27:e9:9b:5e:33:ca:
a6:7f:3d:aa:50:34:1d:cf:fc:90:6b:7b:91:09:1b:d6:70:b7:
b0:c3:6f:91:29:86:b6:bf:19:0c:81:6b:0a:b8:7b:75:a2:f2:
83:7e:9b:da:d5:79:b5:26:df:79:7e:fa:c1:d0:c5:19:87:40:
d9:91:6f:4a:93:7c:66:7a:81:8f:d7:a1:d8:5c:71:f5:13:41:
b8:a1:75:6e:2e:a6:88:f2:20:4c:fe:2f:0a:af:bf:e0:db:83:
a0:b5:16:f0:3c:77:3a:0c:d0:21:82:02:18:3c:bd:4c:fe:9f:
f2:d2:d1:fe:d2:92:e5:f6:93:a6:a0:ff:50:11:8a:a0:35:c4:
1d:6b:31:13:10:25:b4:ff:e2:67:8f:27:68:52:65:d6:e5:ad:
9b:55:8b:b1:a9:a8:1e:59:ae:a6:ca:56:ee:16:5a:63:b9:fd:
02:8b:1a:5d:d1:81:54:30:c7:ab:71:2c:9e:25:8f:ff:ff:3a:
fa:f7:4d:d8:b6:80:db:c9:c0:1b:8f:12:3a:71:fa:9f:c5:79:
a7:0b:a9:7c:36:2b:6e:13:7a:a7:9f:30:64:a2:fd:64:38:72:
52:d9:a0:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijYXgrwkLOjxLwjMwtGvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmU3OWQxNDc4ODI0MjJlYzI3NTQxN2RmZDJhZmZhOTNh
MDI3NTcwHhcNMjUwMTAxMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmUwNmE2YzQ0OTI0NzFkZDg4Zjg3ZTJhZjJkODY4OTIyNTg3OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPHjp1PYfP1XpN5LSN3pCjM482Ta
3iCEfoW8GzkqYAFcK0tvz8QD4uxtr2cZe8RF8gAIHedMm5yBARkQF/0lc3kmBMVK
+zkJN/FJTg2DSL9rVrgGXhSpuL7hkPZkTfXz+OkBzbLnQvQRQCFPk5PzYfUEO4/u
oZqmevy0Vs4d8T4QsGze/AC/xDNdFwSNE85JztRhfeqhtI1C+evR9wUzSQW4YFGR
QRm7tse0gmqct+O8Vnen+Hy00KAvr/OLFQbewrzZIvBKqpCdaQnWoYGvJkq5X838
uy3cWktakbiae6Bq4wK23OIF+eEbiurgZt45XVGlPQL3O3UKK7tN7+avMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvgamxEkkcd2I+H4q8thokiWHnZMB8GA1UdIwQY
MBaAFO6+edFHiCQi7CdUF9/Sr/qToCdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTIt
Mzg4MjNjMTQ0OWFmLzEvSy1CcWJFU1NSeDNZajRmaXJ5MkdpU0pZZWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTItMzg4MjNjMTQ0OWFm
LzEvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1aIMA0G
CSqGSIb3DQEBCwUAA4IBAQB+b8yG5YCQ09oz8GglJOJF1dPj/RQ22MfjzPhO4Sgn
6ZteM8qmfz2qUDQdz/yQa3uRCRvWcLeww2+RKYa2vxkMgWsKuHt1ovKDfpva1Xm1
Jt95fvrB0MUZh0DZkW9Kk3xmeoGP16HYXHH1E0G4oXVuLqaI8iBM/i8Kr7/g24Og
tRbwPHc6DNAhggIYPL1M/p/y0tH+0pLl9pOmoP9QEYqgNcQdazETECW0/+Jnjydo
UmXW5a2bVYuxqageWa6mylbuFlpjuf0Cixpd0YFUMMercSyeJY///zr6903YtoDb
ycAbjxI6cfqfxXmnC6l8NituE3qnnzBkov1kOHJS2aAk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:18 2025 by rpki-client on console.sobornost.net